package com.star.demo.expression;

import com.star.demo.domain.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.List;

//自定义权限校验方法
@Component("ex")
public class StarExpressionRoot {

    public boolean hasAuthority(String authority){
        //获取当前用户的权限：可以写成一个方法
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        List<String> permissions = loginUser.getPermissions();
        //判断用户权限集合中是否存在authority：可以后续判断是否重复
        return permissions.contains(authority);
    }
}